<?php

require_once("include.php");
class registereduser extends head {
 function registereduser() {
  $this->table = "REGISTEREDUSER";
  $this->getmetadata();
  $this->maintainhist = true;
  if (isset($_SESSION[$this->table])) {
	 $this->header = $_SESSION[$this->table];
	} else {
   $this->header = array_fill(0,$this->atts,"");
   $this->header[2] = "0";
   $this->header[11] = "101";
  }
  $this->valids = array_fill(0,$this->atts,"");
  $this->refs = array_fill(0,$this->atts,"");
 }

 function applyfromuser() {
  $user = authenticate(1);
  $this->header = array_values($user[0]);
 }

 function showform() {
 }
 
 function applyfromrequest() {
  $this->valid = true;
  // Goes through request. Applies if legal, otherwise error.
  if (isset($_REQUEST["f9"]) ) {
   // email
   $f = $_REQUEST["f9"];
   if (validateemail($f)) {
    if ($f !== $this->header[9]) {
     if (sqlread("select * from registereduser where email = '$f'") == "") {
      $this->header[9] = $_REQUEST["f9"];
     } else {
      $this->valids[9] = "Email address $f already in use ";
     }
    }
   } else {
    $this->valids[9] = "Invalid email address";
   }
  }
  
  if (isset($_REQUEST["f1"])) {
   // name. Allowable characters A-Za-z-space apostrophe
   $f = $_REQUEST["f1"];
   if(preg_match('/^[a-z A-Z\'\.-]{2,45}$/',$f)) {
    $this->header[1] = $f; 
   } else {
    $this->valids[1] = "Please enter a valid name";
   }
  }
  
  if (isset($_REQUEST["f5"]) && isset($_REQUEST["i5"])) {
   // password
   $f = $_REQUEST["f5"];   
   if ($f == $_REQUEST["i5"]) {
    if (strlen($f) > 5) {
     $this->header[5] = md5($f);
     $this->header[7] = $f;
    } else {
     $this->valids[5] = "Password too short (min 6 chars)";
    }
   } else {
    $this->valids[5] = "Passwords do not match";
   }
  }

  if (isset($_SESSION["captcha"]) && isset($_REQUEST["i8"])) {
   $f = $_SESSION["captcha"];
   $i = $_REQUEST["i8"];
   if ($f !== md5($i)) {
    $this->valids[8] = "Wrong input";
   } else {
    $this->header[8] = $_REQUEST["i8"];
   }
  } else {
   $this->valids[8] = "Must supply captcha";
  }
 
  $this->valid = every($this->valids,"");
  if ($this->valid) {
   if ($this->header[1] == "") $this->valids[1] = "Incomplete";
   if ($this->header[5] == "") $this->valids[5] = "Incomplete";
   if ($this->header[8] == "") $this->valids[8] = "Incomplete";
   if ($this->header[9] == "") $this->valids[9] = "Incomplete";
   $this->valid = every($this->valids,"");   
  }
   
  $_SESSION[$this->table] = $this->header;
 }

 function passwordreminder() {
  $this->valid = false;
  if (isset($_REQUEST["f9"])) {
   $i = $_REQUEST["f9"];
   if (validateemail($i)) {
     $stmt = "select * from registereduser where email = '$i'";
     $this->header = sqlread($stmt);
     if (isset($this->header[9])) {
      //     - send email to user with details embedded.

      $to = $this->header[9];
      $link = "http://127.0.0.1/resetpassword.php?code=".$this->header[0]."|".$this->header[8];
      $subject = "Forgot your password";
      $body = "Click this link $link to reset your password";
      mail($to,$subject,$body, "MIME-Version: 1.0\nContent-type: text/plain; charset=iso-8859-1");
      $this->valid = true;
     } else {
      $this->valids[9] = "Email is not valid";
     }
    } else {
     $this->valids[9] = "That is not a valid email address";
    }
   } else {

   }
 }

 function resetpassword() {
  $this->valid = false;
  
  if (($e = @$_REQUEST["email"]) && ($code = @$_REQUEST["code"]) ) {
   $stmt = "select * from registereduser where email = '$e'";
   $this ->header = sqlread($stmt);
   if (isset($this->header[9]) && md5($this->header[0]) == $code) {
    return true;
   }
  } else {
   echo "Incomplete request";
  }
 }
 
 function markedited() {
  $this->header[3] = date("Y-m-d");
  $this->header[4] = $this->header[9];
 }
 
 function newcounter() {
  return getcounter("USR",1);
 }
 
 function makeinsertsql() {
   $stmt = "insert into $this->table values (";
   for ($i=0;$i<$this->atts-1;$i++) {
     $stmt .= "'".$this->header[$i]."',";
   }
   $stmt .= "'".$this->header[$this->atts-1]."')";

   return $stmt;  
 }
 
 function addgroup($grp) {
  $i = $this->header;
  $stmt = "insert into authgroup values ('$i[0]','$grp') on duplicate key update grp = '$grp'";
  sqlexec($stmt);
 }
 
 function activationemail() {
   $to = $this->header[9];
   $link = "http://127.0.0.1/activate.php?code=".$this->header[0]."|".$this->header[8];
   $subject = "Activate your account";
   $body = "Click this link $link to activate your account";
   mail($to,$subject,$body, "MIME-Version: 1.0\nContent-type: text/plain; charset=iso-8859-1");
 }
 
 function doactivation($p) {
   // Speed tip. We needn't bother the DB here if we validate p first.
   $e = explode("|",$p);
   $stmt = "select * from registereduser where itemid = '$e[0]' and activateword = '$e[1]'";
   $ans = sqlread($stmt);
   if (sizeof($ans) == $this->atts) {
  	 $this->header = $ans;
  	 $this->header[6] = dtoiso("");
  	 $this->writedb();
  	 $i = $this->header;
  	 $stmt = "insert into authgroup values ('$e[0]','DEFAULT') on duplicate key update grp = 'DEFAULT'";
  	 sqlexec($stmt);
  	 $i = $this->header;
     $useritem = authenticatedb($i[9],$i[7]) ;
     if ($useritem !== "") {
      $_SESSION["useritem"] = $useritem;
      return true;
	   }
	   return false;
   } else {
     return false;
   }
 }
 
}
?>